How to Build a Risk-Aware Company Culture in the Remote Work Era

At NewRocket, we’re proud to have a remote-first company culture that allows us to work with people worldwide. Our risk-aware culture is a huge part of what makes that work.

Published:

As companies evolve their remote and hybrid work models, technology risk management is no longer optional. To innovate and grow in distributed settings, companies must cultivate data transparency, informed decision-making, and an “all-for-one, one-for-all” approach to risk.  

Amid the talent crisis, technology risk management is opening doors for companies to expand geographically and hire people anywhere in the world. This requires leaders to rethink how to manage people, data, devices, and vendors. With Cybersecurity Awareness Month encouraging us to “See Yourself in Cyber,” a shift is in order.

At NewRocket, we’re proud to have a remote-first company culture that allows us to work with people worldwide. Our risk-aware culture is a huge part of what makes that work.  

What are the risks?

Before looking at how to reduce risk within the workplace, it’s important to understand where it originates. Here are three of the most common areas you might find added risk.

Personal devices

Employees manage remote work differently than in-office work. They might read email via a personal cell phone, access client documents through an external Google account, or export a Zoom call recording to a tablet for later review.

An employee may not intend to compromise company data, but it’s still a major cause for concern. In fact, 82% of data breaches result from human error.  

Third-party vendors

Remote work would be impossible without integrated software systems for video calls, live chat, data storage, and more. But as company leaders add more external vendors, they invite more risk into their organization.

Legal and compliance leaders have identified third-party vendors as a top threat to company assets. Gartner found that 83% of executives reported third-party risks were discovered after initial onboarding and due diligence.  

Ghost employees

When employees move on, what happens to their devices? What about their email accounts and system login information?  

Without firm protocols to regularly update passwords, close accounts, and collect devices, the departure of an employee can lead to data leaks and unauthorized changes to company assets.

How to build a risk-aware company culture

Though you’ll likely never be able to eliminate risk entirely, you can take proactive steps to minimize its impact. Through a combination of tools and processes — and the right mindset — you’ll be set up for long-term success.  

Create a risk-positive culture

A company that understands the importance of risk management and creates an environment that celebrates finding opportunities to improve the organization will not be afraid to speak up and point out weaknesses that could open your organization to threats.  

Too often, we see haranguing and finger-pointing when a problem is found. That only leads to frustrated and intimidated employees. Risk management must be considered and implemented as an enabler of your business, not as a disabler of your employees’ daily lives.

Streamline your tech

The more cohesive, the better. Risk management dashboards are powerful tools to build data transparency, win executive buy-in, automate processes, and get information to the right decision-makers.

Centralized risk management tools and insights equip employees to develop an understanding of the company’s risk management strategy and the role each employee plays in it. These tools also improve visibility into real-time compliance and enable fine-grained business impact analysis to appropriately prioritize and respond to risks.  

With full risk visibility across departments, employees will find more – and better – opportunities to build expertise and contribute to the company’s risk-aware culture.  

Always be monitoring

Trouble comes when you least expect it, so don’t wait. You’ll run into fewer issues when you proactively monitor, detect, assess, mitigate and remediate risks across internal and external ecosystems.

Don’t overwhelm employees if you want to keep them invested in the company’s risk management strategy. For continuous monitoring, look for opportunities to automate repetitive processes, freeing time for employees to dial into more fulfilling and impactful tasks.  

Ongoing risk monitoring also empowers companies to measure the efficacy of risk responses, glean actionable insights and identify trigger conditions before a problem occurs. No risk management strategy is complete without monitoring.  

Keep detailed records of assets

Company assets should be tracked, indexed and updated regularly to minimize risk, from employee laptops and cell phones to data and supply chains. With the rise of remote work, tracking assets has become even more complicated, so it’s important to use integrated tools to keep tabs on physical and intellectual property.

Companies can use records for a variety of risk management purposes, such as to prove compliance, avoid penalties, inform business decisions and keep assets secure. Records can also be used to track usage trends and implement systems for asset management. With company-specific standards in place, employees are better prepared to use assets wisely.

Tap department leaders for consistent communication

In distributed workforces, it can’t simply fall on one person to promote a company’s risk-aware culture. Organizations must look for ways to get the whole team on board with proactive risk management and ensure they understand it’s the entire team’s responsibility.  

To take risk awareness company-wide, let department heads be the experts on risk management for their direct reports. Encourage them to lead by example, frequently remind team members of role-specific best practices, and provide updates on new standards and insights.  

This communication must be consistent. If employees hear something once, they’ll likely forget about it — even unintentionally. But when risk awareness is baked into the company culture, that leads to significantly better results.

With a full-team focus on identifying and mitigating risk, your company will be well prepared to thrive in a remote work setting.

Melissa is a seasoned security strategist, technologist, and innovator. Feel free to connect with Melissa on LinkedIn.

Want to Learn More? Talk to an Expert
Contact Us

How to Build a Risk-Aware Company Culture in the Remote Work Era

At NewRocket, we’re proud to have a remote-first company culture that allows us to work with people worldwide. Our risk-aware culture is a huge part of what makes that work.

Knowledge Wrap Video

The event provided a vibrant platform for reconnecting with peers, delving into AI transformation, and driving innovation with purpose. Read on to discover how NewRocket made its mark at Knowledge 2024.

What We Learned

From recent insights gathered, we learned that ServiceNow customers are increasingly receptive to adopting AI solutions and ServiceNow has the tools to embrace that head on. However, there's a gap in AI use-cases for more mature users, highlighting the need for a creative approach to accommodate their business needs.

In navigating AI adoption, organizations are challenged to find the delicate balance between embracing innovation and avoiding dependency on emerging technologies. Advisory consulting and trusted guidance beyond initial queries spark interest, particularly around AI's impact on operations. Read our AI blog series to learn more about our approach.

Excitement around GenAI is apparent, with most users eager to explore its potential benefits and invest in quick wins. Notably, advanced use cases like process mining are gaining traction. Key solution themes include interest in native mobile applications, Employee Center migration, and the urgent need for enhanced data capabilities.

Recognitions and Awards

ServiceNow Americas Employee Workflow Partner of the Year

The ServiceNow Americas Employee Workflow Partner of the Year award celebrates Partners' exceptional efforts in enhancing employee experiences through innovative collaborations and technology solutions. Learn More.

UK Public Sector Partner of the Year Award

The ServiceNow UK Public Sector Partner of the Year underscores  Partners' dedication to driving digital transformation and delivering exceptional outcomes for public sector organizations in the UK.

ServiceNow.org Partnership for Good Grant

The ServiceNow.org Partnership for Good Grant highlights Partners' commitment to leveraging technology for social impact and driving positive change in communities around the world. Learn More.

Top 10 Finalist for ServiceNow Best Employee Portal of the Year

ServiceNow's Best Employee Portal of the Year award recognizing Partners' dedication to creating innovative solutions that empower employees and enhance workplace experiences. Learn More.

NewRocket Booth

At ServiceNow's Knowledge 24 event, we connected with 350+ attendees at our booth, showcasing how NewRocket supports organizations on their ServiceNow journey. AI emerged as a key topic, reflecting the growing interest in its potential across businesses. Our strategic advisory approach, FlightPath, aligns technology with business objectives, drawing on our expertise in customer, employee, technology, and security transformation. Plus, we captivated attendees by transforming them into astronauts using AI. See the photo booth results here!

Workshops and Speaking Sessions

Beyond Personas: Developing Holistic Frameworks to Personalize User Solutions

Industry innovation: Consilio’s Transformation Journey on ServiceNow

Dive Into Prototyping to Accelerate Validation With Design Libraries

Make Better Business Decisions by Integrating Risk and Compliance

Participating in ServiceNow's Knowledge sessions and workshops this year was truly enriching. Interacting with customers and partners provided invaluable insights into the future state of ServiceNow and allowed us to have in-depth discussions on how we can collectively offer better experiences across various facets of the platform. From exploring advanced AI integrations to optimizing workflow processes, the conversations were not only enlightening but also inspiring, fueling our commitment to innovation and excellence in the ServiceNow ecosystem. We can't wait to see you next year!

NewRocket Party

Our poolside event at the Capri restaurant in Las Vegas provided a refreshing break from the conference hustle, allowing us to unwind and connect with friends, colleagues, partners, and customers in the cool open air. As the night progressed, we loved creating unforgettable memories and strengthening our bonds within the ServiceNow community.